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A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH (S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

• Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 
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earned patent term adjustment. See 37 CFR 1.704(b). 
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DETAILED ACTION 



Claims 2-3, 16-17 are amended and claims 29-36 are newly added. 

Claim Rejections - 35 USC § 102 

1 . The following is a quotation of the appropriate paragraphs of 35 
U.S.C. 102 that form the basis for the rejections under this section made in this 
Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in 
public use or on sale in this country, more than one year prior to the date of application for patent in 
the United States. 

2. Claims 1-36 are rejected under 35 U.S.C. 102(b) as being anticipated by 
US Patent 5,671 ,279 by Elgamal. 

a) As to claim 1 , Elgamal shows a two way communications between 
customer and merchant. 

First computing device - customer (col. 3, line 39). 

Second computing device - merchant (col. 3, line 40). 

The first computing device communicates encrypted data to the second 
computing device as the customer sends a purchase request message to the 
merchant in which the payment method is encrypted (col. 9, line 30-33). 

The first computing device communicates non-encrypted data to the 
second computing device as the customer sends a purchase request message to 
the merchant in which the name, items to order, shipping address, etc. (col. 9, 
line 61-66) are not encrypted. 
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b) As to claims 2-3 and 16-17, Elgamal discloses the encrypted and 
non-encrypted data are transmitted in the same packet or in a different packet 
(col. 35, line 20-29) and further comprising: 

i) providing a display (considered an inherent element in a 
computer system i.e. CRT, screen) to a user, the display comprising at least first 
and second input fields for input from the user and at least a first presentation 
field associated with the at least first and second input fields (col. 5, lines 33-48; 
col. 6, lines 25-29; col. 13, lines 6-26; col. 24, lines 45-61). 

ii) receiving the message from the user, wherein the message 
corresponds to the display and wherein first datum refers to the first input field 
and the second datum to the second input field of the display (col. 13, lines 6-26; 
coi. 24, iines 45-67 - coi. 25, lines 1-4). 

c) As to claims 4-5 and 11, Elgamal indicates the same path is used 
for encrypted and non-encrypted data communications between customer and 
merchant. Moreover the system is designed to use the interactive model of the 
WWW for client server transactions on the Internet (col. 3, line 26-58). 

d) As to claim 6, Elgamal shows payment instruction (PI) is encrypted 
by a key (col. 20, lines 56-58). 

e) As to claim 7, Elgamal shows merchant certificate is 
communicated to the customer as part of the signature (col. 19, line 35 T 40). 



Application/Control r^ber: 09/435,736 Page 4 

Art Unit: 2137 

f) As to claims 8 and 9, Elgamal further shows a second key is 
employed to decrypt the payment instruction; the first and second key comprised 
a matched key to communicate the encrypted data (col. 30, line 56-64). 

g) As to claims 10, Elgamal teaches the step of communicating a 
procedure from the merchant to the customer to communicate the encrypted data 
(col. 19, line 35-39). 

h) As to claims 13 and 14, Elgamal discloses the step for customer 
to communicate the encrypted and non-encrypted data with the merchant 
through the purchase request message in which the payment method is 
encrypted and item list and shipping information are non-encrypted (col. 24, line 
29 to col. 25, line 4). 

i) As to claim 15, Elgamal shows a two way communications 
between customer and merchant. 

First computing device - merchant and acquirer (col. 3, line 40-41). 

Second computing device - customer (col. 3, line 39). 

Merchant communicates information - a purchase form - to customer in 
response to a purchase request message from customer. The information 
includes a procedure that causes customer to fill out the purchase form with only 
the payment instruction field encrypted and the rest of the form filled with non- 
encrypted data (col. 35, line 20-29). 
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The merchant receives the purchase form from the customer with 
encrypted payment instruction along with the non-encrypted data, the merchant 
then passes on the information to the acquirer to decrypt the payment instruction 
(col. 30, line 56-62). 

j) As to claims 18, 19 and 24, Elgamal indicates the same path is 
used for encrypted and non-encrypted data communications between customer 
and merchant. Moreover the system is designed to use the interactive model of 
the WWW for client server transactions on the Internet (col. 3, line 26-58). 

k) As to claim 20, Elgamal shows payment instruction (PI) is 
encrypted by a key (col. 20, lines 56-58). 

I) As to claims 21 and 22, Elgamal further shows a second key is 
employed to decrypt the payment instruction; the first and second key comprised 
a matched key to communicate the encrypted data (col. 30, line 56-64). 

m) As to claim 23, Elgamal indicates the step of communicating a 
procedure from the customer to the merchant to communicate the encrypted data 
(col. 19, line 50-52). 

n) As to claims 26 and 27, Elgamal discloses the step for customer 
to communicate the encrypted and non-encrypted data with the merchant 
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through the purchase request message in which the payment method is 
encrypted and item list and shipping information are non-encrypted (col. 24, line 
29 to col. 25, line 4). 

o) As to claim 28, it has the same limitations as claim 15, further the 
computer readable program code reads on any matter for carrying software. 

p) As to claims 29 and 33, Elgamal discloses the method wherein 
the first datum is confidential information to a user [i.e. payment instruction (col. 
9, lines 30-33)] and the second datum is non-confidential information to the user 
[i.e. name, items to order, shipping address, etc. (col. 9, lines 61-66)]. 

q) As to claims 30 and 34, Elgamal discloses the method further 
comprising: 

i) receiving the message from a user, the message comprising 
a plurality of input fields (col. 13, lines 6-26; col. 24, lines 45-67 - col. 25, lines 1- 
4). 

ii) determining each input field comprising confidential 
information to the user and each input field comprising non-confidential 
information to the user, wherein the first datum is confidential information and the 
second datum is non-confidential information (col. 24, lines 45-67 - col. 25, lines 
1-4). 
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r) As to claim 31, Elgamal discloses the method wherein the 
communicating steps occur at least substantially simultaneously (col. 5, lines 33- 
48). 



s) As to claims 32 and 35, Elgamal discloses the method wherein 
the communicating steps comprise: 

i) encrypting the information in each of the input fields 
identified as comprising confidential information (col. 9, lines 30-33; col. 13, lines 
6-27). 

ii) not encrypting the information in each of the input fields 
identified as comprising non-confidential information (col. 9, lines 61-66, col. 24, 
lines 46-61). 



t) As to claim 36, Elgamal discloses a method of communication 
data between a first computing device and a second computing device, the 
method comprising: 

i) providing a display (considered an inherent element in a 
computer system i.e. CRT, screen) to a user, the display comprising at 
least first and second input fields for input from the user and at least a first 
presentation field associated with the at least first and second input fields 
(col. 5, lines 33-48; col. 6, lines 25-29; col. 13, lines 6-26; col. 24, lines 45- 
61). 
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ii) receiving a message from the user, wherein the message 
comprises at least a first and second datum input by the user into the at 
least first and second input fields, respectively, of the display, wherein the 
first datum is confidential to the user and the second datum is non- 
confidential to the user (col. 13, lines 6-26; col. 24, lines 45-67 - col. 25, 
lines 1-4). 

iii) identifying that the first datum is confidential information to a 
user [i.e. payment instruction (col. 9, lines 30-33)] and the second datum 
is non-confidential information to the user [i.e. name, items to order, 
shipping address, etc. (col. 9, lines 61-66)]. 

iv) the first computing device communicating to the second 
computing device the first datum with encryption [i.e. the merchant 
receives the purchase form from the customer with encrypted payment 
instruction along with the non encrypted data (col. 30, lines 56-62). 

v) the first computing device communicating to the second 
computing device the second datum without encryption [i.e. the merchant 
communicates information - a purchase form - to customer in response to 
a purchase request message from customer. The information includes a 
procedure that causes customer to fill out the purchase form with only the 
payment instruction field encrypted and the rest of the form filled with non- 
encrypted data (col. 35, line 20-29)], wherein steps (iv) and (v) occur at 
least substantially simultaneously (col. 5, lines 33-48). 
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Claim Rejections - 35 USC § 103 

3. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for 
all obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described 
as set forth in section 102 of this title, if the differences between the subject matter sought to 
be patented and the prior art are such that the subject matter as a whole would have been 
obvious at the time the invention was made to a person having ordinary skill in the art to which 
said subject matter pertains. Patentability shall not be negatived by the manner in which the 
invention was made. 

4. Claims 12 and 25 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Elgamal as applied to claims 10 and 15 above, and further in 
view of US Patent 5,729,594 to Klingman. 

Elgamal does not disclose the procedure is based on substantially lowest 
common denominator Java. 

Klingman teaches JAVA is the most platform independent language 
designed for the Internet applications (col. 17, line 63-67 and col. 19, line 46-54). 

It would have been obvious to one skilled in the art at the time the 
invention was made to modify Elgamal by supporting JAVA as taught in 
Klingman. One of ordinary skilled in the art would have been motivated to modify 
Elgamal to support JAVA because it's the most platform independent language 
designed for the Internet applications. 

Response to Arguments 



5. Applicant's arguments filed November 12, 2003 have been fully 
considered but they are not persuasive. 



Application/Control rifciber: 09/435,736 
Art Unit: 2137 



Page 



i) Applicant argues that: 

"The examiner states that Elgamal teaches sending both encrypted (PI 
value) and unencrypted (purchase order and payment instruction messages) 
information from a merchant to a customer. This conclusion conflicts with the 
clear teachings of Elgamal (col. 4, lines 33-37; col. 4, lines 52-57)". 

Examiner maintains that: 

The purchase order and the payment instruction messages are sent 
together from the card holder to the merchant (col. 9, lines 61-63), wherein the PI 
value should be encrypted (col. 9, lines 30-33) and others are unencrypted [i.e. 
name, items, shipping address (col. 9, lines 65-67)]. 

Eigamai teaches the payment protocol assumes the properties of privacy 
(col. 4, lines 33-37) and data integrity (col. 4, lines 52-57), therefore the PI value 
should be encrypted. 

ii) Applicant argues that: 

"Elgamal does state that the PI value may be sent "in the clear" (col. 10, 
lines 21-23, but later states (col. 10, lines 37-40). 

Contrary to the Examiner's assertions, Elgamal does not state that the purchase 
order and payment instruction messages are not encrypted." 
Examiner maintains that: 

Elgamal is consistent when saying the PI value may be sent "in the clear" 
(col. 10, lines 21-23) due to certain Merchant-Acquirer relationships, and later 
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stating it may be necessary to send the PI without encryption when a merchant 
with a good history could be considered trustworthy and can obtain clear account 
numbers from the acquirer (col. 10, lines 37-40). The purchase order is not 
mentioned anywhere in Elgamal to be encrypted, so as best understood it is 
unencrypted information. 



iii) Applicant argues that: 

"Elgamal refers to different messages sent at different times. It does not 
refer to the encryption of only parts of the same message. In the present 
invention, the encrypted and unencrypted input fields are requested to be 
transmitted by the user simultaneously or substantially simultaneously.." 

Examiner maintains that: 

Elgamal discloses a purchase order including PI is sent from the card 
holder to the merchant wherein the encrypted PI is part of the same message 
(Figure 2) and Elgamal teaches a system uses the advantages of an interactive 
environment such as World Wide Web to provide all parties with an immediate 
response that indicates the status of the messages communicated (col. 5, lines 
33-48), therefore the information is transmitted rather simultaneously or 
substantially simultaneously. 



iv) Applicant argues that: 

"Klingman, unlike Elgamal, sends confidential information over a circuit- 
switched telecommunications network, such as the PSTN, and non-confidential 
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information over a packet-switched network, such as the Internet. Consequently, 
there is no need for any encryption procedures or digital signatures, although 
encryption may be used if so desired (col. 13, lines 45-52). 
Examiner maintains that: 

Klingman discloses an on-line financial transaction system that uses state 
of the art computer telcom to provide secure and private purchasing capability of 
product goods, the system which uses the 900 number system in performing 
financial transactions (col. 6, lines 46-53), although the encryption algorithm is 
not being used in Klingman, his invention facilitates secure electronic purchases 
of goods on-line and the protocol supports JAVA codes which Elgamal does not 
disclose. 

Conclusion 

6. The prior art made of record and not relied upon is considered pertinent to 
applicants disclosure 

a) Affiliate Commerce System and Method, Ross, Jr. et al., 
(6,629,135). 

b) Transaction Authorization System, Cook et al., (6,675,153). 

c) Handheld Remote Computer Control and Methods for Secured 
Interactive Real-Time Telecommunications, Walsh et al., (6,144,848). 
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7. Applicant's amendment necessitated the new ground(s) of rejection 
presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. 
See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as 
set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire 
THREE MONTHS from the mailing date of this action. In the event a first reply is 
filed within TWO MONTHS of the mailing date of this final action and the advisory 
action is not mailed until after the end of the THREE-MONTH shortened statutory 
period, then the shortened statutory period will expire on the date the advisory 
action is mailed, and any extension fee pursuant to 37 CFR 1 .136(a) will be 
calculated from the mailing date of the advisory action. In no event, however, will 
the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 



8. Any inquiry concerning this communication or earlier communications from 
the examiner should be directed to Minh Dieu Nguyen whose telephone number 
is 703-305-9727. The examiner can normally be reached on M-F 6:00-2:30. 

If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, Greg Morse can be reached on 703-308-4789. 

The fax phone numbers for the organization where this application or 
proceeding is assigned are: 

703-746-7238 for After-Final communications 

703-872-9306 for Official communications 
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703-746-5661 for Non-Official/Draft communications 

Any inquiry of a general nature or relating to the status of this application 

or proceeding should be directed to the receptionist whose telephone number is 

703-305-3900. 



Minh Dieu Nguyen 

Examiner 

Art Unit 2137 



mdn 
3/4/04 
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